Description
Permissions vulnerabiltiy found in Xuxueli xxl-job v2.2.0, v 2.3.0 and v.2.3.1 allows attacker to obtain sensitive information via the pageList parameter.
Remediation
References
https://github.com/xuxueli/xxl-job/issues/3096
Related Vulnerabilities
CVE-2020-36732 Vulnerability in maven package org.webjars.bowergithub.brix:crypto-js
CVE-2019-5484 Vulnerability in maven package org.webjars.npm:bower
CVE-2020-28472 Vulnerability in maven package org.webjars.npm:aws-sdk
CVE-2020-7722 Vulnerability in npm package nodee-utils
CVE-2019-17352 Vulnerability in maven package com.jfinal:jfinal